KLStatus KLAcquireNewInitialTicketsWithPassword(KLPrincipal inPrincipal, KLLoginOptions inLoginOptions, const char *inPassword, char **outCredCacheName) { krb5_context context = mshim_ctx(); krb5_error_code ret; krb5_ccache cache; krb5_creds creds; char *service = NULL; krb5_get_init_creds_opt *opt = NULL; LOG_ENTRY(); if (inLoginOptions) { service = inLoginOptions->service; opt = inLoginOptions->opt; } ret = heim_krb5_get_init_creds_password(context, &creds, inPrincipal, inPassword, NULL, NULL, 0, service, opt); if (ret) return ret; ret = heim_krb5_cc_cache_match(context, inPrincipal, &cache); if (ret) ret = heim_krb5_cc_new_unique(context, NULL, NULL, &cache); if (ret) goto out; ret = heim_krb5_cc_initialize(context, cache, creds.client); if(ret) goto out; ret = heim_krb5_cc_store_cred(context, cache, &creds); if (ret) goto out; if (outCredCacheName) *outCredCacheName = strdup(heim_krb5_cc_get_name(context, cache)); out: if (cache) { if (ret) krb5_cc_destroy((mit_krb5_context)context, (mit_krb5_ccache)cache); else heim_krb5_cc_close(context, cache); } heim_krb5_free_cred_contents(context, &creds); return ret; }
static krb5_error_code fetch_creds(KLPrincipal inPrincipal, krb5_creds **ocreds, char **outCredCacheName) { krb5_context context = mshim_ctx(); krb5_principal princ = NULL; krb5_creds in_creds; krb5_const_realm realm; krb5_error_code ret; krb5_ccache id = NULL; LOG_ENTRY(); memset(&in_creds, 0, sizeof(in_creds)); if (inPrincipal) { ret = heim_krb5_cc_cache_match(context, inPrincipal, &id); } else { ret = heim_krb5_cc_default(context, &id); if (ret == 0) ret = heim_krb5_cc_get_principal(context, id, &princ); inPrincipal = princ; } if (ret) goto out; realm = heim_krb5_principal_get_realm(context, inPrincipal); ret = heim_krb5_make_principal(context, &in_creds.server, realm, KRB5_TGS_NAME, realm, NULL); if (ret) goto out; in_creds.client = inPrincipal; ret = heim_krb5_get_credentials(context, KRB5_GC_CACHED, id, &in_creds, ocreds); heim_krb5_free_principal(context, in_creds.server); if (outCredCacheName) *outCredCacheName = strdup(heim_krb5_cc_get_name(context, id)); out: if (id) heim_krb5_cc_close(context, id); if (princ) heim_krb5_free_principal(context, princ); return LOG_FAILURE(ret, "fetch_creds"); }
static cc_int32 ccache_get_name(cc_ccache_t in_ccache, cc_string_t *out_name) { struct cc_ccache *c = (struct cc_ccache *)in_ccache; const char *name; LOG_ENTRY(); if (out_name == NULL) return ccErrBadParam; if (c->id == NULL) return ccErrInvalidCCache; name = heim_krb5_cc_get_name(milcontext, c->id); if (name == NULL) return ccErrInvalidCCache; *out_name = create_string(name); return ccNoError; }